On Friday, Netherlands-based security firm Fox IT reported that Yahoo.com’s advertising network (ads.yahoo.com) was hacked and serving up malware to thousands of visitors during the last week. Fox IT believes Yahoo users were compromised as early as December 30, and the company estimates as of Friday that malicious materials were being delivered to roughly 300,000 visitors per hour—with nine percent (27,000) thought to be infected.
While infected, Yahoo’s ad servers were reportedly sending visitors an “exploit kit.” According to Fox IT, this would zero-in on vulnerabilities in Java to install various malware components on host computers. Fox IT has not yet identified a specific culprit, but the firm is confident the attack is financially motivated (with control of victim’s machines possibly being sold to others).
The Washington Post spoke to two security researchers who confirmed the situation. Researcher and WaPo contributor Ashkan Soltani said it’s possible the attack came from a direct hack, but the attackers may have also disguised the malware as regular ads that evaded Yahoo’s filtering system. Either way, The Post noted the situation is just the most recent case of Java exploits in a year that was filled with them.

CATEGORIES

Cyber Parse was created to provide knowledge to help everyone understand and deal with the ever increasing threats we all face by Cyber Crime (Malware, Social Engineering, Phishing and hacking).
Our purpose is to provide the right information to our readers by breaking down and communicating knowledge relating to Cyber Crime, Cyber Security, Information Security and Computer Security, then using Risk Management practices to help translate the technical aspects of the Risks, Threats, Vulnerabilities and controls to reduce the risk into business language.